Merge pull request #5572 from nocodb/fix/passport-strategies

fix: api-token strategy correction

packages/nocodb-nest/src/guards/global/global.guard.ts

@@ -13,13 +13,16 @@ export class GlobalGuard extends AuthGuard(['jwt']) {
 
   async canActivate(context: ExecutionContext) {
     let result;
+
+    const req = context.switchToHttp().getRequest();
+
+    if (req.headers?.['xc-auth']) {
       try {
         result = await this.extractBoolVal(super.canActivate(context));
       } catch (e) {
         console.log(e);
       }
-
-    const req = context.switchToHttp().getRequest();
+    }
 
     if (result && !req.headers['xc-shared-base-id']) {
       if (

packages/nocodb-nest/src/strategies/authtoken.strategy/authtoken.strategy.ts

@@ -2,34 +2,28 @@ import { Injectable } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import { Strategy } from 'passport-custom';
 import { ApiToken, ProjectUser, User } from '../../models';
-import type { Request } from 'express';
 
 @Injectable()
 export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
-  constructor() {
-    super({
-      headerFields: ['xc-token'],
-      passReqToCallback: true,
-    });
-  }
-
   // eslint-disable-next-line @typescript-eslint/ban-types
-  async validate(req: Request, token: string, done: Function) {
+  async validate(req: any, callback: Function) {
     try {
-      const apiToken = await ApiToken.getByToken(token);
+      let user;
+      if (req.headers['xc-token']) {
+        const apiToken = await ApiToken.getByToken(req.headers['xc-token']);
         if (!apiToken) {
-        return done({ msg: 'Invalid token' });
+          return callback({ msg: 'Invalid token' });
         }
 
-      const user: any = {};
+        user = {};
         if (!apiToken.fk_user_id) {
           user.roles = 'editor';
-        return done(null, user);
+          return callback(null, user);
         }
 
         const dbUser: Record<string, any> = await User.get(apiToken.fk_user_id);
         if (!dbUser) {
-        return done({ msg: 'User not found' });
+          return callback({ msg: 'User not found' });
         }
 
         dbUser.is_api_token = true;
@@ -40,15 +34,12 @@ export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
           );
           user.roles = projectUser?.roles || dbUser.roles;
           user.roles = user.roles === 'owner' ? 'owner,creator' : user.roles;
-        // + (user.roles ? `,${user.roles}` : '');
-        // todo : cache
-        // await NocoCache.set(`${CacheScope.USER}:${key}`, user);
-        return done(null, user);
+          return callback(null, user);
         }
-
-      return done(null, dbUser);
+      }
+      return callback(null, user);
     } catch (error) {
-      return done(error);
+      return callback(error);
     }
   }
 }

packages/nocodb-nest/src/strategies/jwt.strategy.ts

@@ -1,6 +1,6 @@
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { Injectable } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
-import { ExtractJwt, Strategy } from 'passport-jwt';
+import { Strategy } from 'passport-jwt';
 import { OrgUserRoles } from 'nocodb-sdk';
 import NocoCache from '../cache/NocoCache';
 import { ProjectUser, User } from '../models';